Adlumin Tracks Suspicious Behaviors to Bust Cyber Intruders

Sponsored by Monday Properties and written by ARLnow.com, Startup Monday is a weekly column that profiles Arlington-based startups and their founders, plus other local technology happenings. The Ground Floor, Monday’s office space for young companies in Rosslyn, is now open. The Metro-accessible space features a 5,000-square-foot common area that includes a kitchen, lounge area, collaborative meeting spaces, and a stage for formal presentations.

Cybersecurity currently is a frequently discussed but often misunderstood field. At Adlumin, though, it’s a well-understood topic that’s more than just a buzzword. The employees design solutions to identify and prevent potential breaches in clients’ networks.

Cybersecurity is a broad term, but the Adlumin team targets what co-founder and VP of business development Timothy Evans calls “the Edward Snowden problem,” when a seemingly authorized user enters part of the network they’re not allowed to access.

“I realized that corporate breaches were continuing to succeed because attackers were able to steal the identities of employees and use that identity to attack the infrastructure as if they were that person,” said Adlumin president and CEO Robert Johnston. “The problem we set out to solve is the identity access and management piece.”

A small breach such as a user figuring out a computer password can compromise an entire business structure because the illegitimate user often gains access to other accounts with locally-saved passwords, such as Gmail or Twitter.

“Eventually [an intruder can] end up with the keys to the entire kingdom and they can literally access any system or cloud resource they want,” Johnston said.

That’s what happened during the Democratic National Committee hack last year when more than 100 users’ private email accounts were accessed, Johnston said. He led the response effort to the DNC breach and said those hackers “were able to access the system as if they were a user.”

Adlumin’s software can “see” and monitor every single user on a client’s network, even on a global scale. It incorporates user behavior analytics — which Johnston said not all cybersecurity companies deal with — to determine if a network is in danger.

“Rob decided we needed to solve a hard problem, which is to find intruders in a network. They don’t use things like malware or ransomware, they’re in the network and they look like your legitimate users,” Evans said. “There’s only one way to find them and that’s based on their behavior patterns to determine whether they’re a real user or a fake user.”

Adlumin’s software monitors a business’ network 24/7 to detect changes in user behaviors. Evans explained that it uses artificial intelligence and machine learning to continuously update information about user habits. If the software detects a potential anomaly, it sends an alert. Think of it like a credit card company tracking a card user’s spending habits and sending a warning notification when an odd purchase occurs.

Clarendon-based Adlumin incorporated in June 2016 and was assisted by the Herndon-based Mach37 cybersecurity business incubator. It now has five full-time employees and plans further expansion this year.

“The Washington, D.C. metro area, and specifically Arlington, is an awesome place to do this business,” Evans said.

Noting the proximity to the country’s top intelligence agencies, Johnston said there’s “a lot of untapped human capital in this area” for cybersecurity.

As far as what’s in store for the future, Johnston said the Adlumin team will continue updating its software algorithms and wants to “dominate the identity and access management piece” of cybersecurity.